Feeds

Trustwave to escape 'death penalty' for SSL skeleton key

Moz likely to spare certificate-confession biz same fate as DigiNotar

Choosing a cloud hosting partner with confidence

Trustwave fights backs

In a statement, Trustwave said it supplied the skeleton-key digital credential authority to a private customer - not an ISP, government or law enforcement agency - adding that the technology could not have been used outside the private network to which it was supplied. A Trustwave representative, Brian Trzupek, expanded on this explanation a little during the debate on the Mozilla list.

Trzupek said the "single subordinate root system" technology was supplied as a one-off "issued to a enterprise customer for use on their internal network - with network usage policies presented to users". He said that the decision to stop offering the technology, which he stressed was supplied with stringent safeguards, was made in light of concerns raised by the Comodo and DigiNotar hacks last year. He wrote:

We did not create a system where the customer could generate ad-hoc SSL certificates AND extract the private keys to be used outside this device. Nor could the subordinate root key ever get exported from the device. The system was used only for routing internal corporate traffic and not in any other way. In addition, our on-site audit focused on physical security and controls around the appliances to ensure that the boxes could not be physically taken from the facility to be placed on other networks to route traffic there.

The system is not being revoked because of any type of compromise or issue with the the trust of the system. The system is being revoked in light of the major SSL events that occurred last year, as we have decided to no longer enable this system or any systems of this type in the future.

Interception

Last year hackers broke into the systems of Comodo and DigiNotar, granting rights to issue themselves with fake digital credentials. The fraudulent DigiNotar certificates were later used in a man-in-the-middle attack on ordinary internet users in Iran. Users in the Islamic Republic who thought they were talking directly to Gmail, Skype and other services were actually going through an intermediary who would have been able to sniff their traffic, logs at DigiNotar revealed.

Audits of DigiNotar revealed systemic security failures that prompted browser developers to revoke its trusted status, the same sanction some would like to see applied against Trustwave.

The lingering sensitivities over the DigiNotar and Comodo hacks partially explains why such severe punishments against Trustwave are even on the table.

What Trustwave has done "is a highly unusual activity, and is essentially the Holy Grail hackers are looking for", explained Mark Bower, data protection expert and VP at Voltage Security. "This is why hackers last year penetrated PKIs [public-key infrastructures] – to issue themselves bogus certificates for interception cases, for example to snoop on Gmail, which appeared to be the goal of hackers operating for the Iranian government as was reported last year."

He added: "Trustwave is also a security auditor. It’s questionable why an audit firm would be issuing digital certificates which could be potentially used by hackers if they fell into the wrong hands."

"If an organization has the ability to intercept SSL in this ‘man-in-the-middle’ situation as reported, this makes SSL useless. Who is this entity? Why did they have this capability?" Bower asked.

SSL bashers' ball

The debate over Trustwave comes hot on the heels of news that VeriSign suffered unspecified security breaches last year. VeriSign, the 800lb gorilla of the digital certificate business, hasn't said what type of attacks it suffered from, which could be anything from isolated malware infection or denial of service attacks to a more serious compromise. This lack of detail is less than helpful.

Trustwave has come clean about issuing MitM authority but it seems unlikely that it was alone in applying this approach, another source of concern.

"Unfortunately this is meat and drink for the ‘SSL bashers’ in the industry," said Calum MacLeod, EMEA director of the enterprise key and certificate management firm Venafi.

"Trustwave should be commended for making this statement public, knowing that this could result in reputation damage. I believe it is commendable that they will no longer continue this practice, but the reality is, in my opinion, that this is a common industry practice," said MacLeod.

"Most large enterprises use this approach to be able to monitor outgoing and incoming traffic, and it is common to find an assortment of technologies between a user and a web service such as DLP [data loss prevention], performance monitoring, and customer experience monitoring technologies, which are there ostensibly to help provide users and customers’ with more efficient services."

MacLeod compared the practice to the frequent recording and monitoring of calls to bank or airline call centres, a practice frequently explained in greeting messages. He called for a sense of proportion in the debate.

Preliminary verdict

The Mozilla discussion, which has ran to 66 erudite and technically detailed posts, appears to be moving towards a conclusion - if not a consensus. Mozilla representative Kathleen Wilson suggested that Trustwave will escape sanction and that other certificate authorities will be given a period of grace to come clean if they are offering MitM technology. Those that fail to come forward and continue to extend the practice will be punished, Wilson warned.

"I have posted a draft CA Communication in the mozilla.dev.security.policy forum for review/discussion," Wilson wrote. "My intent is to make it clear that this type of behaviour will not be tolerated for subCAs chaining to roots in NSS, give all CAs fair warning and a grace period, and state the consequences if such behaviour is found after that grace period. There is also an action item for CAs to update their CP/CPS to make it clear that they will not issue subCAs for this purpose."

The suggested policy, if adopted, will draw a line under the Trustwave MitM certificate affair but is unlikely to restore complete faith in the digital certificate system that underpins trust in secure communications on the net. The present trust model, vital to e-commerce is well as privacy, was devised in the 1990s, and increasingly looks outmoded and outdated.

Alternative trust models - such as Convergence - remain largely experimental so we'll have to stick with multiple CAs and digital certificate to secure SSL for the immediate future, at least.

To paraphrase Supertramp it's not much of a trust system but it's the only one we've got. ®

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
China is ALREADY spying on Apple iCloud users, watchdog claims
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.